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REMARKS 

In view of the following remarks, Applicants respectfully request 
reconsideration and allowance of the subject application. Claims 1-21 and 26 are 
canceled without prejudice. Claims 22-25 and 27-31 were previously presented and 
are pending. 

35 U.S.C. S102 Rejections 

Claims 19-26 stand rejected under 35 U.S.C §102 as being anticipated by U.S. 
Patent No. 6,2 12,558 to Antur et al. In response, the Applicants respectfully maintain 
the amendments and arguments advanced in the response filed 8/23/2004, and 
Applicants submit the following additional arguments traversing the §102 rejection of 
Claims 22-25. 

The Antur Reference 

Generally, Antur discloses a technique for configuring a plurality of network 
security devices. In operation, Antur teaches that each network security device is 
coupled in a network. A server provides network directory services for the network 
that includes services for configuring the network security devices. The director 
services server provides a directory services database for storing configuration 
information for the network. The configuration information is provided by the 
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director service server in response to a security policy implemented by the network 
directory services server. See coL 1 0, line 62 through col, 1 1 , line 28. 

Response to the $102 Rejections 

Independent Claim 22 recites a system for securing communication between 
an internal computer network and an external computer network, comprising: 

• a client located in the internal computer network; 

• a server located in the external computer network and in communication 
with the client; and 

• an application-level gateway proxy device comprising: 

* components for (1) performing, at a packet level, a network address 
translation upon a stream of packets originating from the client and 
(2) filtering, at a stream level, the stream of packets and transmitting 
the packets to the server, wherein the filtering is transparent to the 
client; and 

• a communications socket internal to the application-level gateway 
proxy device and communicatively connected to the components for 
(1) performing the network address translation and (2) filtering. 



Iee©hayes pile 509.324-925$ 9ofl6 ATTORNEY DOCKET NO M$] -258 1 US 

RESPONSE TO OFFICE ACTION DATED : JUNE 30. 2005 APPLICATION NO. 09/541 461 



PAGE 12/19* RCVD AT 11130/2005 3:08:44 PM [Eastern Standard Time] ' SVR:USPTO-EFXRF-6/35 * DNISOTOO 1 CSID:15093238979 * DURATION (mm-ss):04-28 



NOU 30 2005 12=13 FR 00 



15093238979 TO 15712738300 P. 13/19 



Antur does not disclose u an application-level gateway proxy device" 
comprising "components for (1) performing ... a network address translation upon a 
stream of packets originating from the client and (2) filtering ... the stream of packets 
and transmitting the packets to the server " Instead, Antur provides a general survey 
of various types of firewalls. The survey describes the function of an application 
level-gateway and that it may also use network address translation. However, Antur 
does not show the combination of the application-level gateway and the network 
address translation as is recited in Claim 22. 

The Office refers to Antur at col. 4, lines 1-7 and 27-67, col. 3, lines 58-67 and 
coL 5 lines 10-20 and 27-46, to support the assertion that Antur teaches "an 
application-level gateway proxy device" comprising "components for (1) performing, 
at a packet level, a network address translation upon a stream of packets originating 
from the client and (2) filtering, at a stream level, the stream of packets and 
transmitting the packets to the server, wherein the filtering is transparent to the 
client," as recited in Claim 22. The Applicants respectfully disagree with the Office's 
position because the relied upon passages do not support the Office's assertion. In 
particular, Antur describes at an abstract level that an application-level gateway 
firewall can use network address translation (NAT), at coL 4, lines 65-67, However, 
Antur does not disclose how <A the application process" for controlling communications 
is combined with network address translation. For instance, Antur does not disclose 
whether the packets received from the client are received first by the NAT or the 
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"application process." Accordingly, Antur does not set forth the same elements as 
they are recited in Claim 22. 

Furthermore, Claim 22 has been amended to include "a communication socket 
internal to the application-level gateway proxy device and communicatively 
connected to the components for (1) performing the network address translation and 
(2) filtering." Antur does not mention a communication socket in combination with 
the application-level gateway and network address translation, as recited in Claim 22, 
Thus, Antur fails to disclose each and every element of Claim 22. 

For at least the reasons set forth above, Applicants respectfully submit that 
Claim 22 is allowable over Antur. Accordingly, Applicants request that the §102(e) 
rejection of Claim 22 be withdrawn and that Claim 22 be allowed. 

Claim 23 is allowable by virtue of its dependency on respective base Claim 22, 
as well as the additional elements it recites. Accordingly, Applicants also request that 
the § 102(e) rejection of Claim 23 be withdrawn and that Claim 23 be allowed. 

Claim 24 recites an application-level gateway proxy device comprising: 

• a component for performing, at a packet level, a network address translation 
with respect to a stream of packets originating from a client in an internal 
network, wherein the client is communicating the stream of packets to a 
server located in an external network; 
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a component for filtering, at a stream level, the stream of packets, wherein 
the filtering is transparent to the client; 

a communication socket internal to the application-level gateway proxy 
device and communicatively connected to: 

• the component for performing the network address translation; and 

• the component for filtering; and 

a component for transmitting the packets to the server after the packets are 
filtered 



Antur also does not disclose "a communication socket internal to the 
application-level gateway proxy device and communicatively connected to the 
component for performing the network address translation and the component for 
filtering." Antur does not mention a communication socket in combination with the 
application-level gateway and network address translation, as recited in Claim 24. 
Thus, Antur fails to disclose each and every element and having me claimed 
relationship between the elements. 

Applicants therefore respectfully submit that Claim 24 is patentable over 
Antur. Accordingly, Applicants request that the §l02(e) rejection of Claim 24 be 
withdrawn and that Claim 24 be allowed. 

Claim 25 is allowable by virtue of its dependency on respective base Claim 24, 
as well as the additional elements it recites. Accordingly, Applicants respectfully 
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request that the § 102(e) rejection of Claim 25 be withdrawn and that Claim 25 be 
allowed. 

New Claims 

Claims 27-31 were newly presented in the previous response filed 8/23/2004. 
Applicants respectfully assert that Claims 27-31 are patentably distinguishable over 
Antur for at least the reasons described above. 

In addition, Claims 27-29 are allowable by virtue of their dependency on 
respective base Claim 24, as well as the additional elements they recite. Accordingly, 
Applicants respectfully request that the § 102(e) rejection of Claims 27-29 be 
withdrawn and that Claims 27-29 be allowed. 

Independent Claim 30 recites a computer-implemented method for 
communication between a first network and a second network comprising: 

• intercepting, at a first external socket of a proxy network address translation 
device, a stream of packets; 

• performing, at a first internal component of the proxy network address 
translation device, a network address translation upon the stream of 
packets, the network address translation occurring at a packet level; 

• transmitting, from the first internal component of the proxy network 
address translation device, the translated stream of packets; 
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* filtering, at the second internal component of the proxy network address 
translation device, the translated stream of packets, the filtering 
occurring at a stream level; and 

• transmitting, from the second external socket of the proxy network address 
translation device, the translated and filtered stream of packets 

Antur does not disclose "performing ... a network address translation upon the 
stream of packets/' "transmitting ... the translated stream of packets, "from the first 
internal component of the proxy network address translation device" to "the second 
internal component of the proxy network address translation device" and "filtering 
the translated stream of packets," as recited in Claim 30. Instead, Antur merely 
provides a general survey of various types of firewalls. The survey describes the 
function of an application level-gateway and that it may also use network address 
translation. However, Antur does not show the combination of the application-level 
gateway and the network address translation as is recited in Claim 30. 

Furthermore, Antur does not disclose "performing, at a first internal 
component of the proxy network address translation device, a network address 
translation upon the stream of packets, the network address translation occurring at a 
packet level; transmitting, from the first internal component of the proxy network 
address translation device, the translated stream of packets; and filtering, at the second 
internal component of the proxy network address translation device, the translated 
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stream of packets, the filtering occurring at a stream level," as recited in Claim 30. 
For instance, Antur does not disclose whether the packets rece ived from the client are 
received first by the NAT or the "application process." Accordingly, Antur does not 
set forth the same elements and having the claimed relationship between the elements. 
Thus, Applicants therefore respectfully submit that Claim 30 is patentable over 

Antur. 

Claim 31 is allowable by virtue of its dependency on base Claim 30. In 
addition Claim 31 recites the computer-implemented method for communication 
between the first network and the second network of Claim 30, "wherein transmitting 
from the first internal component of the proxy network address tr anslation device to 
the second internal component of the proxy network address translation device 
comprises transmitting the translated stream of packets th rough an internal socket of 
the proxy network address translation service . Antur disclosure does not mention a 
socket in combination with the application-level gateway and network address 
translation. Thus, Antur fails to disclose each and every element and having the 
claimed relationship between the elements as recited in Claim 31. 

Applicants therefore respectfully submit that Claim 31 is allowable over Antur. 
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Conclusion 



Applicants submit that pending Claims 22-25 and 27-31 are in condition for 
allowance and respectfully requests that this application be allowed and forwarded on 



to issuance. 



Respectfully Submitted, 



Date: 





Reg. No. 46,274 
Attorney for Applicants 

Lee & Hayes, PLLC 
421 W. Riverside Avenue, Suite 500 
Spokane, Washington 99201 
Telephone; (509) 324-9256 ext 235 
Facsimile: (509)323-8979 
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